Checkout Tools
  • last updated 2 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Merge of r1861338,1862475,1862583,1862865,1863221,1863276 from trunk:

*) mod_http2: core setting "LimitRequestFieldSize" is not additionally checked on

merged header fields, just as HTTP/1.1 does. [Stefan Eissing, Michael Kaufmann]

*) mod_http2: fixed a bug that prevented proper stream cleanup when connection

throttling was in place. Stream resets by clients on streams initiated by them

are counted as possible trigger for throttling. [Stefan Eissing]

*) mod_http2/mpm_event: Fixes the behaviour when a HTTP/2 connection has nothing

more to write with streams ongoing (flow control block). The timeout waiting

for the client to send WINODW_UPDATE was incorrectly KeepAliveTimeout and not

Timeout as it should be. Fixes PR 63534. [Yann Ylavic, Stefan Eissing]

  1. … 12 more files in changeset.
Merge r1860260 from trunk:

* modules/http2: more copying of data to disentangle worker processing from main connection

Submitted by: icing

Reviewed by: icing, covener, jim

  1. … 5 more files in changeset.
Merge of 1849296,1852038,1852101,1852339,1853171,1853967,1854365,1854963,1854964,1855295,1855411 from trunk:

*) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is

in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED.

Fixed. [Michael Kaufmann]

*) mod_http2: new configuration directive: `H2Padding numbits` to control

padding of HTTP/2 payload frames. 'numbits' is a number from 0-8,

controlling the range of padding bytes added to a frame. The actual number

added is chosen randomly per frame. This applies to HEADERS, DATA and PUSH_PROMISE

frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing]

*) mod_http2: ripping out all the h2_req_engine internal features now that mod_proxy_http2

has no more need for it. Optional functions are still declared but no longer implemented.

While previous mod_proxy_http2 will work with this, it is recommeneded to run the matching

versions of both modules. [Stefan Eissing]

*) mod_proxy_http2: changed mod_proxy_http2 implementation and fixed several bugs which

resolve PR63170. The proxy module does now a single h2 request on the (reused)

connection and returns. [Stefan Eissing]

*) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status

to trigger immediate shutdown of backend connections. This is now always signalled

by mod_http2 when the the session is being released.

proxy_http2 now only sends a PING frame to the backend when there is not already one

in flight. [Stefan Eissing]

*) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite

loop when encountering certain errors on the backend connection.

See <https://bz.apache.org/bugzilla/show_bug.cgi?id=63170>. [Stefan Eissing]

*) mod_http2: Configuration directives H2Push and H2Upgrade can now be specified per

Location/Directory, e.g. disabling PUSH for a specific set of resources. [Stefan Eissing]

*) mod_http2: HEAD requests to some module such as mod_cgid caused the stream to

terminate improperly and cause a HTTP/2 PROTOCOL_ERROR.

Fixes <https://github.com/icing/mod_h2/issues/167>. [Michael Kaufmann]

  1. … 34 more files in changeset.
Merge r1843426 from trunk:

mod_http2: adding defensive code for stream EOS handling, in case the request handler

missed to signal it the normal way (eos buckets). Addresses github issues

https://github.com/icing/mod_h2/issues/164, https://github.com/icing/mod_h2/issues/167

and https://github.com/icing/mod_h2/issues/170.

Submitted by: icing

Reviewed by: icing, ylavic, jim

  1. … 5 more files in changeset.
Merge r1840010 from trunk:

On the trunk:

mod_http2: connection IO event handling reworked. Instead of reacting on

incoming bytes, the state machine now acts on incoming frames that are

affecting it. This reduces state transitions.

Submitted by: icing

Reviewed by: icing, ylavic, jim

  1. … 4 more files in changeset.
Merge r1826687, r1827166, r1828210, r1828232, r1828687 from trunk:

Instrument 'bbout'

mod_http2: use proper ARP defined for formatting apr_off_t

On the trunk:

mod_http2: on level trace2, log any unsuccessful HTTP/2 direct connection upgrade

with base64 encoding to unify its appearance in possible bug reports.

On the trunk:

* mod_http2: calculate unencrypted connection sniffing base64 only when log level is at required height. [Ruediger Pluem]

On the trunk:

mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes

an issue where output sizes where counted n-times on reused slave connections. See

gituhub issue: https://github.com/icing/mod_h2/issues/158

Submitted by: jailletc36, icing, icing, icing, icing

Reviewed by: icing, jim, ylavic

  1. … 17 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1821371,1822502-1822503,1822624

  1. … 54 more files in changeset.
docco fix... correct license/copyright info

  1. … 24 more files in changeset.
SECURITY: CVE-2017-9789: Read after free in mod_http2.

When under stress, closing many connections, the HTTP/2

handling code would sometimes access memory after it has

been freed, resulting in potentially erratic behaviour.

Merge r1800689 from trunk:

Disable and give warning when mpm_prefork is encountered.

The server will continue to work, but HTTP/2 will no longer be negotiated.

Submitted by: icing

Reviewed by: icing, ylavic, jim

  1. … 13 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1791790,1792195

  1. … 8 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1790850,1790855,1791377,1791388,1791669,1791773

  1. … 14 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1789740,1790102,1790113,1790284,1790754,1790826-1790827,1790842

  1. … 20 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1786715,1787051,1787141,1787604,1788672,1788981,1789221,1789224,1789276,1789279,1789395,1789520,1789535,1789692

  1. … 31 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1784571,1785672,1785683,1786512,1786575-1786576

mod_http2/mod_proxy_http2 backport

  1. … 17 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1784002,1784366,1784372

  1. … 8 more files in changeset.
On the 2.4.x branch:

merge of r1780598,1781304,1782875,1782944,1782958,1782975 from trunk

  1. … 22 more files in changeset.
On the 2.4.x branch:

Merge of r1779979,1780159,1780576,1780596 from trunk:

M modules/http2/h2_bucket_beam.c

fix for possible duplicate free of send/recv pools

M modules/http2/h2_from_h1.c

suppress generating responses on aborted slave connections

M modules/http2/h2_session.c

regression: stream ongoing streams on graceful shutdown to the end

M modules/http2/h2_version.h

  1. … 6 more files in changeset.
On the 2.4.x branch:

Merge r1779743,1779896,1779972 from trunk.

mod_http2: fixes PR60599, sending proper response for conditional requests

answered by mod_cache. [Jeff Wheelhouse, Stefan Eissing]

  1. … 6 more files in changeset.
On the 2.4.x branch: merge r1778630,1779459,1779525,1779528,1779738 from trunk

*) mod_http2: rework of stream resource cleanup to avoid a crash in a close

of a lingering connection. Prohibit special file bucket beaming for

shared buckets. Files sent in stream output now use the stream pool

as read buffer, reducing memory footprint of connections.

[Yann Ylavic, Stefan Eissing]

  1. … 19 more files in changeset.
On the 2.4.x branch: merge of r1701609-1705681 from trunk.

*) mod_http2: streaming of request output now reacts timely to data

from other streams becoming available. Same for new incoming requests.

  1. … 12 more files in changeset.
On the 2.4.x branch: merge of r1776738,1777160,1777324 from trunk

backport of latest mod_http2 related changes.

  1. … 9 more files in changeset.
On the 2.4.x branch, merge of r1775946,1776735 from trunk:

mod_http2: adding support for MergeTrailers directive.

mod_http2: limiting DATA frame sizes by TLS record sizes in use on the

connection. Flushing outgoing frames earlier.

  1. … 10 more files in changeset.
Merge of r771160,1772576 from trunk:

SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University

mod_http2: wseaking cleanup assertion on streams that have never been scheduled

  1. … 5 more files in changeset.
Merge of r1771001,1771015 from trunk:

mod_http2: new directive H2EarlyHints

  1. … 7 more files in changeset.
Merge of r1769596,1769600,1770395,1770998 from trunk

mod_http2: PUSH triggers only on GET

mod_proxy_http2: 1xx responses not forwarded unconditionally on HTTP/1.x connections

  1. … 6 more files in changeset.
Merge of r1767936,1768160,1769192,1769550 from trunk:

mod_http2: new directive 'H2PushResource' to enable early pushes before

processing of the main request starts. Resources are announced to the

client in Link headers on a 103 early hint response.

All responses with status code <400 are inspected for Link header and

trigger pushes accordingly. 304 still does prevent pushes.

'H2PushResource' can mark resources as 'critical' which gives them higher

priority than the main resource. This leads to preferred scheduling for

processing and, when content is available, will send it first. 'critical'

is also recognized on Link headers.

mod_proxy_http2: uris in Link headers are now mapped back to a suitable

local url when available. Relative uris with an absolute path are mapped

as well. This makes reverse proxy mapping available for resources

announced in this header.

With 103 interim responses being forwarded to the main client connection,

this effectively allows early pushing of resources by a reverse proxied

backend server.

adding support for newly proposed 103 status code.

  1. … 22 more files in changeset.
Merge of r1766857,1767128,1767180,1767181,1767553 from trunk

mod_http2/mod_proxy_http2 improvments as in CHANGES

  1. … 22 more files in changeset.
Merge of r1765328,1766424,1766691,1766851 from trunk:

mod_http2: v1.7.7, connection shutdown revisited, AP_DEBUG_ASSERT transformed to real asserts

  1. … 21 more files in changeset.
Merge r1766129 from trunk:

Fix -Wunused-but-set-variable warnings.

  1. … 2 more files in changeset.
Merge of 1764243,1765318 from trunk:

mod_http2/mod_proxy_http2: 100-continue implementation, PING checks on aged backend connections

  1. … 16 more files in changeset.